Removes time_left check from GitAccess since we already do it in ChangeAccess

lib/gitlab/checks/change_access.rb

 module Gitlab
   module Checks
     class ChangeAccess
+      TimeoutError = Class.new(StandardError)
+
       ERROR_MESSAGES = {
         push_code: 'You are not allowed to push code to this project.',
         delete_default_branch: 'The default branch of a project cannot be deleted.',
@@ -146,7 +148,7 @@ module Gitlab
         # n+1: https://gitlab.com/gitlab-org/gitlab-ee/issues/3593
         ::Gitlab::GitalyClient.allow_n_plus_1_calls do
           commits.each do |commit|
-            raise Gitlab::GitAccess::TimeoutError unless time_left > 0
+            raise TimeoutError unless time_left > 0
             commit_check.validate(commit, validations_for_commit(commit))
           end
@@ -239,7 +241,7 @@ module Gitlab
       end
       def log_timed(method_name)
-        raise Gitlab::GitAccess::TimeoutError unless time_left > 0
+        raise TimeoutError unless time_left > 0
         start = Time.now
         yield

lib/gitlab/git_access.rb

@@ -268,12 +268,6 @@ module Gitlab
         # If user does not have access to make at least one change, cancel all
         # push by allowing the exception to bubble up
         check_single_change_access(change, skip_lfs_integrity_check: !first_change)
-
-        time_left = Time.now - start_time
-
-        # If the access check is taking more than 50 seconds we do not want to continue
-        # and instead want to return the trace of the checks already made
-        raise TimeoutError, @trace.join("\n") if time_left >= INTERNAL_TIMEOUT
       end
     end
@@ -290,7 +284,7 @@ module Gitlab
       change_access.exec
       @trace += change_access.check_log
-    rescue TimeoutError, GRPC::DeadlineExceeded
+    rescue Checks::ChangeAccess::TimeoutError, GRPC::DeadlineExceeded
       @trace += change_access.check_log
       raise TimeoutError, @trace.join("\n")
     end

spec/lib/gitlab/checks/change_access_spec.rb

@@ -39,7 +39,7 @@ describe Gitlab::Checks::ChangeAccess do
                                      user_access: user_access,
                                      protocol: protocol)
-        expect { access.exec }.to raise_error(Gitlab::GitAccess::TimeoutError)
+        expect { access.exec }.to raise_error(described_class::TimeoutError)
       end
     end

spec/lib/gitlab/git/lfs_changes_spec.rb

@@ -15,5 +15,9 @@ describe Gitlab::Git::LfsChanges do
     it 'limits new_objects using object_limit' do
       expect(subject.new_pointers(object_limit: 1)).to eq([])
     end
+
+    it 'times out if given a small dynamic timeout' do
+      expect { subject.new_pointers(dynamic_timeout: 0.001) }.to raise_error(GRPC::DeadlineExceeded)
+    end
   end
 end

spec/lib/gitlab/git_access_spec.rb

@@ -934,6 +934,18 @@ describe Gitlab::GitAccess do
         # There is still an N+1 query with protected branches
         expect { access.check('git-receive-pack', changes) }.not_to exceed_query_limit(control_count).with_threshold(1)
       end
+
+      it 'raises TimeoutError when #check_single_change_access raises DeadlineExceeded error' do
+        allow_any_instance_of(Gitlab::Checks::ChangeAccess).to receive(:exec).and_raise(GRPC::DeadlineExceeded)
+
+        expect { access.check('git-receive-pack', changes) }.to raise_error(described_class::TimeoutError, "Running checks for branch: wow")
+      end
+
+      it 'raises TimeoutError when #check_single_change_access raises a timeout error' do
+        allow_any_instance_of(Gitlab::Checks::ChangeAccess).to receive(:exec).and_raise(Gitlab::Checks::ChangeAccess::TimeoutError)
+
+        expect { access.check('git-receive-pack', changes) }.to raise_error(described_class::TimeoutError, "Running checks for branch: wow")
+      end
     end
   end